Liquidity Management

Gamma

DeFiFoundry

50,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Retrying a previous cancelled order might continuously fail

Midgar

Summary

After an order has been canceled, the intent of the protocol is to let the keeper try the same order action again. However, there's a chance that the order might fail continuously. And since there's no current way of resetting the nextActionthis might keep the system in a stuck state.

Vulnerability Details

If an order has been canceled, the afterOrderCancellation in the PerpetualVault is called, which sets the nextAction.selector and nextAction.data into the right state in order to call the runNextAction() function by the keeper.

However, if the order is a flawed order, meaning that it will, for some reason, never succeed, retrying it will only keep the protocol in a stuck state, blocking all potential actions by users.

To note here is that cancelOrder only partially solves the problem since it does not work on market orders.

Impact

Severity: Medium, Likelihood: Low

Tools Used

Manual Review.

Recommendations

Add a keeper function allowing the keeper to manually set the nextAction struct to avoid being stuck.

Updates

Lead Judging Commences

n0kto Lead Judge 8 months ago

Submission Judgement Published

Invalidated

Reason: Design choice

Prize pool breakdown

Total prize

50,000 USDC

nSLOC

1,910

26 USDC / LOC

High Medium

47,500

Low

2,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.